207
Step Command Remarks
2. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
3. Ignore the authorization
information from the RADIUS
server or the local device.
port-security authorization ignore
By default, a port uses the
authorization information from the
RADIUS server or the local device.
Displaying and maintaining port security
Task Command Remarks
Display port security configuration
information, operation
information, and statistics about
one or more ports or all ports.
display port-security [ interface
interface-list ] [ | { begin | exclude
| include } regular-expression ]
Available in any view
Display information about secure
MAC addresses.
display port-security mac-address
security [ interface interface-type
interface-number ] [ vlan vlan-id ]
[ count ] [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display information about blocked
MAC addresses.
display port-security mac-address
block [ interface interface-type
interface-number ] [ vlan vlan-id ]
[ count ] [ | { begin | exclude |
include } regular-expression ]
Available in any view
Port security configuration examples
Configuring the autoLearn mode
Network requirements
See Figure 72. Configure port Ethernet 1/0/1 on the Device, as follows:
• Accept up to 64 users on the port without authentication.
• Permit the port to learn and add MAC addresses as sticky MAC addresses, and set the sticky MAC
aging timer to 30 minutes.
• After the number of secure MAC addresses reaches 64, the port stops learning MAC addresses. If
any frame with an unknown MAC address arrives, intrusion protection starts, and the port shuts
down and stays silent for 30 seconds.
To Next Page
Loading...
Need help?
General